/src/openssl32/providers/implementations/rands/seed_src.c

Source (jump to first uncovered line)
/*
 * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <string.h>
#include <openssl/rand.h>
#include <openssl/core_dispatch.h>
#include <openssl/e_os2.h>
#include <openssl/params.h>
#include <openssl/core_names.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/randerr.h>
#include <openssl/proverr.h>
#include "prov/implementations.h"
#include "prov/provider_ctx.h"
#include "crypto/rand.h"
#include "crypto/rand_pool.h"

static OSSL_FUNC_rand_newctx_fn seed_src_new;
static OSSL_FUNC_rand_freectx_fn seed_src_free;
static OSSL_FUNC_rand_instantiate_fn seed_src_instantiate;
static OSSL_FUNC_rand_uninstantiate_fn seed_src_uninstantiate;
static OSSL_FUNC_rand_generate_fn seed_src_generate;
static OSSL_FUNC_rand_reseed_fn seed_src_reseed;
static OSSL_FUNC_rand_gettable_ctx_params_fn seed_src_gettable_ctx_params;
static OSSL_FUNC_rand_get_ctx_params_fn seed_src_get_ctx_params;
static OSSL_FUNC_rand_verify_zeroization_fn seed_src_verify_zeroization;
static OSSL_FUNC_rand_enable_locking_fn seed_src_enable_locking;
static OSSL_FUNC_rand_lock_fn seed_src_lock;
static OSSL_FUNC_rand_unlock_fn seed_src_unlock;
static OSSL_FUNC_rand_get_seed_fn seed_get_seed;
static OSSL_FUNC_rand_clear_seed_fn seed_clear_seed;

typedef struct {
    void *provctx;
    int state;
} PROV_SEED_SRC;

static void *seed_src_new(void *provctx, void *parent,
                          const OSSL_DISPATCH *parent_dispatch)
{
    PROV_SEED_SRC *s;

    if (parent != NULL) {
        ERR_raise(ERR_LIB_PROV, PROV_R_SEED_SOURCES_MUST_NOT_HAVE_A_PARENT);
        return NULL;
    }

    s = OPENSSL_zalloc(sizeof(*s));
    if (s == NULL)
        return NULL;

    s->provctx = provctx;
    s->state = EVP_RAND_STATE_UNINITIALISED;
    return s;
}

static void seed_src_free(void *vseed)
{
    OPENSSL_free(vseed);
}

static int seed_src_instantiate(void *vseed, unsigned int strength,
                                int prediction_resistance,
                                const unsigned char *pstr, size_t pstr_len,
                                ossl_unused const OSSL_PARAM params[])
{
    PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed;

    s->state = EVP_RAND_STATE_READY;
    return 1;
}

static int seed_src_uninstantiate(void *vseed)
{
    PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed;

    s->state = EVP_RAND_STATE_UNINITIALISED;
    return 1;
}

static int seed_src_generate(void *vseed, unsigned char *out, size_t outlen,
                             unsigned int strength,
                             ossl_unused int prediction_resistance,
                             ossl_unused const unsigned char *adin,
                             ossl_unused size_t adin_len)
{
    PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed;
    size_t entropy_available;
    RAND_POOL *pool;

    if (s->state != EVP_RAND_STATE_READY) {
        ERR_raise(ERR_LIB_PROV,
                  s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE
                                                   : PROV_R_NOT_INSTANTIATED);
        return 0;
    }

    pool = ossl_rand_pool_new(strength, 1, outlen, outlen);
    if (pool == NULL) {
        ERR_raise(ERR_LIB_PROV, ERR_R_RAND_LIB);
        return 0;
    }

    /* Get entropy by polling system entropy sources. */
    entropy_available = ossl_pool_acquire_entropy(pool);

    if (entropy_available > 0)
        memcpy(out, ossl_rand_pool_buffer(pool), ossl_rand_pool_length(pool));

    ossl_rand_pool_free(pool);
    return entropy_available > 0;
}

static int seed_src_reseed(void *vseed,
                           ossl_unused int prediction_resistance,
                           ossl_unused const unsigned char *ent,
                           ossl_unused size_t ent_len,
                           ossl_unused const unsigned char *adin,
                           ossl_unused size_t adin_len)
{
    PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed;

    if (s->state != EVP_RAND_STATE_READY) {
        ERR_raise(ERR_LIB_PROV,
                  s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE
                                                   : PROV_R_NOT_INSTANTIATED);
        return 0;
    }
    return 1;
}

static int seed_src_get_ctx_params(void *vseed, OSSL_PARAM params[])
{
    PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed;
    OSSL_PARAM *p;

    p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STATE);
    if (p != NULL && !OSSL_PARAM_set_int(p, s->state))
        return 0;

    p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STRENGTH);
    if (p != NULL && !OSSL_PARAM_set_int(p, 1024))
        return 0;

    p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_MAX_REQUEST);
    if (p != NULL && !OSSL_PARAM_set_size_t(p, 128))
        return 0;
    return 1;
}

static const OSSL_PARAM *seed_src_gettable_ctx_params(ossl_unused void *vseed,
                                                      ossl_unused void *provctx)
{
    static const OSSL_PARAM known_gettable_ctx_params[] = {
        OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL),
        OSSL_PARAM_uint(OSSL_RAND_PARAM_STRENGTH, NULL),
        OSSL_PARAM_size_t(OSSL_RAND_PARAM_MAX_REQUEST, NULL),
        OSSL_PARAM_END
    };
    return known_gettable_ctx_params;
}

static int seed_src_verify_zeroization(ossl_unused void *vseed)
{
    return 1;
}

static size_t seed_get_seed(void *vseed, unsigned char **pout,
                            int entropy, size_t min_len, size_t max_len,
                            int prediction_resistance,
                            const unsigned char *adin, size_t adin_len)
{
    size_t ret = 0;
    size_t entropy_available = 0;
    size_t i;
    RAND_POOL *pool;

    pool = ossl_rand_pool_new(entropy, 1, min_len, max_len);
    if (pool == NULL) {
        ERR_raise(ERR_LIB_PROV, ERR_R_RAND_LIB);
        return 0;
    }

    /* Get entropy by polling system entropy sources. */
    entropy_available = ossl_pool_acquire_entropy(pool);

    if (entropy_available > 0) {
        ret = ossl_rand_pool_length(pool);
        *pout = ossl_rand_pool_detach(pool);

        /* xor the additional data into the output */
        for (i = 0 ; i < adin_len ; ++i)
            (*pout)[i % ret] ^= adin[i];
    } else {
        ERR_raise(ERR_LIB_PROV, PROV_R_ENTROPY_SOURCE_STRENGTH_TOO_WEAK);
    }
    ossl_rand_pool_free(pool);
    return ret;
}

static void seed_clear_seed(ossl_unused void *vdrbg,
                            unsigned char *out, size_t outlen)
{
    OPENSSL_secure_clear_free(out, outlen);
}

static int seed_src_enable_locking(ossl_unused void *vseed)
{
    return 1;
}

int seed_src_lock(ossl_unused void *vctx)
{
    return 1;
}

void seed_src_unlock(ossl_unused void *vctx)
{
}

const OSSL_DISPATCH ossl_seed_src_functions[] = {
    { OSSL_FUNC_RAND_NEWCTX, (void(*)(void))seed_src_new },
    { OSSL_FUNC_RAND_FREECTX, (void(*)(void))seed_src_free },
    { OSSL_FUNC_RAND_INSTANTIATE,
      (void(*)(void))seed_src_instantiate },
    { OSSL_FUNC_RAND_UNINSTANTIATE,
      (void(*)(void))seed_src_uninstantiate },
    { OSSL_FUNC_RAND_GENERATE, (void(*)(void))seed_src_generate },
    { OSSL_FUNC_RAND_RESEED, (void(*)(void))seed_src_reseed },
    { OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))seed_src_enable_locking },
    { OSSL_FUNC_RAND_LOCK, (void(*)(void))seed_src_lock },
    { OSSL_FUNC_RAND_UNLOCK, (void(*)(void))seed_src_unlock },
    { OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS,
      (void(*)(void))seed_src_gettable_ctx_params },
    { OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))seed_src_get_ctx_params },
    { OSSL_FUNC_RAND_VERIFY_ZEROIZATION,
      (void(*)(void))seed_src_verify_zeroization },
    { OSSL_FUNC_RAND_GET_SEED, (void(*)(void))seed_get_seed },
    { OSSL_FUNC_RAND_CLEAR_SEED, (void(*)(void))seed_clear_seed },
    OSSL_DISPATCH_END
};

Coverage Report

Created: 2025-06-13 06:58

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <string.h>
11		#include <openssl/rand.h>
12		#include <openssl/core_dispatch.h>
13		#include <openssl/e_os2.h>
14		#include <openssl/params.h>
15		#include <openssl/core_names.h>
16		#include <openssl/evp.h>
17		#include <openssl/err.h>
18		#include <openssl/randerr.h>
19		#include <openssl/proverr.h>
20		#include "prov/implementations.h"
21		#include "prov/provider_ctx.h"
22		#include "crypto/rand.h"
23		#include "crypto/rand_pool.h"
24
25		static OSSL_FUNC_rand_newctx_fn seed_src_new;
26		static OSSL_FUNC_rand_freectx_fn seed_src_free;
27		static OSSL_FUNC_rand_instantiate_fn seed_src_instantiate;
28		static OSSL_FUNC_rand_uninstantiate_fn seed_src_uninstantiate;
29		static OSSL_FUNC_rand_generate_fn seed_src_generate;
30		static OSSL_FUNC_rand_reseed_fn seed_src_reseed;
31		static OSSL_FUNC_rand_gettable_ctx_params_fn seed_src_gettable_ctx_params;
32		static OSSL_FUNC_rand_get_ctx_params_fn seed_src_get_ctx_params;
33		static OSSL_FUNC_rand_verify_zeroization_fn seed_src_verify_zeroization;
34		static OSSL_FUNC_rand_enable_locking_fn seed_src_enable_locking;
35		static OSSL_FUNC_rand_lock_fn seed_src_lock;
36		static OSSL_FUNC_rand_unlock_fn seed_src_unlock;
37		static OSSL_FUNC_rand_get_seed_fn seed_get_seed;
38		static OSSL_FUNC_rand_clear_seed_fn seed_clear_seed;
39
40		typedef struct {
41		void *provctx;
42		int state;
43		} PROV_SEED_SRC;
44
45		static void seed_src_new(void provctx, void *parent,
46		const OSSL_DISPATCH *parent_dispatch)
47	37	{
48	37	PROV_SEED_SRC *s;
49
50	37	if (parent != NULL) {
51	0	ERR_raise(ERR_LIB_PROV, PROV_R_SEED_SOURCES_MUST_NOT_HAVE_A_PARENT);
52	0	return NULL;
53	0	}
54
55	37	s = OPENSSL_zalloc(sizeof(*s));
56	37	if (s == NULL)
57	0	return NULL;
58
59	37	s->provctx = provctx;
60	37	s->state = EVP_RAND_STATE_UNINITIALISED;
61	37	return s;
62	37	}
63
64		static void seed_src_free(void *vseed)
65	37	{
66	37	OPENSSL_free(vseed);
67	37	}
68
69		static int seed_src_instantiate(void *vseed, unsigned int strength,
70		int prediction_resistance,
71		const unsigned char *pstr, size_t pstr_len,
72		ossl_unused const OSSL_PARAM params[])
73	36	{
74	36	PROV_SEED_SRC s = (PROV_SEED_SRC )vseed;
75
76	36	s->state = EVP_RAND_STATE_READY;
77	36	return 1;
78	36	}
79
80		static int seed_src_uninstantiate(void *vseed)
81	0	{
82	0	PROV_SEED_SRC s = (PROV_SEED_SRC )vseed;
83
84	0	s->state = EVP_RAND_STATE_UNINITIALISED;
85	0	return 1;
86	0	}
87
88		static int seed_src_generate(void vseed, unsigned char out, size_t outlen,
89		unsigned int strength,
90		ossl_unused int prediction_resistance,
91		ossl_unused const unsigned char *adin,
92		ossl_unused size_t adin_len)
93	1	{
94	1	PROV_SEED_SRC s = (PROV_SEED_SRC )vseed;
95	1	size_t entropy_available;
96	1	RAND_POOL *pool;
97
98	1	if (s->state != EVP_RAND_STATE_READY) {
99	0	ERR_raise(ERR_LIB_PROV,
100	0	s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE
101	0	: PROV_R_NOT_INSTANTIATED);
102	0	return 0;
103	0	}
104
105	1	pool = ossl_rand_pool_new(strength, 1, outlen, outlen);
106	1	if (pool == NULL) {
107	0	ERR_raise(ERR_LIB_PROV, ERR_R_RAND_LIB);
108	0	return 0;
109	0	}
110
111		/* Get entropy by polling system entropy sources. */
112	1	entropy_available = ossl_pool_acquire_entropy(pool);
113
114	1	if (entropy_available > 0)
115	1	memcpy(out, ossl_rand_pool_buffer(pool), ossl_rand_pool_length(pool));
116
117	1	ossl_rand_pool_free(pool);
118	1	return entropy_available > 0;
119	1	}
120
121		static int seed_src_reseed(void *vseed,
122		ossl_unused int prediction_resistance,
123		ossl_unused const unsigned char *ent,
124		ossl_unused size_t ent_len,
125		ossl_unused const unsigned char *adin,
126		ossl_unused size_t adin_len)
127	0	{
128	0	PROV_SEED_SRC s = (PROV_SEED_SRC )vseed;
129
130	0	if (s->state != EVP_RAND_STATE_READY) {
131	0	ERR_raise(ERR_LIB_PROV,
132	0	s->state == EVP_RAND_STATE_ERROR ? PROV_R_IN_ERROR_STATE
133	0	: PROV_R_NOT_INSTANTIATED);
134	0	return 0;
135	0	}
136	0	return 1;
137	0	}
138
139		static int seed_src_get_ctx_params(void *vseed, OSSL_PARAM params[])
140	35	{
141	35	PROV_SEED_SRC s = (PROV_SEED_SRC )vseed;
142	35	OSSL_PARAM *p;
143
144	35	p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STATE);
145	35	if (p != NULL && !OSSL_PARAM_set_int(p, s->state))
146	0	return 0;
147
148	35	p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STRENGTH);
149	35	if (p != NULL && !OSSL_PARAM_set_int(p, 1024))
150	0	return 0;
151
152	35	p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_MAX_REQUEST);
153	35	if (p != NULL && !OSSL_PARAM_set_size_t(p, 128))
154	0	return 0;
155	35	return 1;
156	35	}
157
158		static const OSSL_PARAM seed_src_gettable_ctx_params(ossl_unused void vseed,
159		ossl_unused void *provctx)
160	0	{
161	0	static const OSSL_PARAM known_gettable_ctx_params[] = {
162	0	OSSL_PARAM_int(OSSL_RAND_PARAM_STATE, NULL),
163	0	OSSL_PARAM_uint(OSSL_RAND_PARAM_STRENGTH, NULL),
164	0	OSSL_PARAM_size_t(OSSL_RAND_PARAM_MAX_REQUEST, NULL),
165	0	OSSL_PARAM_END
166	0	};
167	0	return known_gettable_ctx_params;
168	0	}
169
170		static int seed_src_verify_zeroization(ossl_unused void *vseed)
171	0	{
172	0	return 1;
173	0	}
174
175		static size_t seed_get_seed(void vseed, unsigned char *pout,
176		int entropy, size_t min_len, size_t max_len,
177		int prediction_resistance,
178		const unsigned char *adin, size_t adin_len)
179	2	{
180	2	size_t ret = 0;
181	2	size_t entropy_available = 0;
182	2	size_t i;
183	2	RAND_POOL *pool;
184
185	2	pool = ossl_rand_pool_new(entropy, 1, min_len, max_len);
186	2	if (pool == NULL) {
187	0	ERR_raise(ERR_LIB_PROV, ERR_R_RAND_LIB);
188	0	return 0;
189	0	}
190
191		/* Get entropy by polling system entropy sources. */
192	2	entropy_available = ossl_pool_acquire_entropy(pool);
193
194	2	if (entropy_available > 0) {
195	2	ret = ossl_rand_pool_length(pool);
196	2	*pout = ossl_rand_pool_detach(pool);
197
198		/* xor the additional data into the output */
199	18	for (i = 0 ; i < adin_len ; ++i)
200	16	(*pout)[i % ret] ^= adin[i];
201	2	} else {
202	0	ERR_raise(ERR_LIB_PROV, PROV_R_ENTROPY_SOURCE_STRENGTH_TOO_WEAK);
203	0	}
204	2	ossl_rand_pool_free(pool);
205	2	return ret;
206	2	}
207
208		static void seed_clear_seed(ossl_unused void *vdrbg,
209		unsigned char *out, size_t outlen)
210	7	{
211	7	OPENSSL_secure_clear_free(out, outlen);
212	7	}
213
214		static int seed_src_enable_locking(ossl_unused void *vseed)
215	7	{
216	7	return 1;
217	7	}
218
219		int seed_src_lock(ossl_unused void *vctx)
220	86	{
221	86	return 1;
222	86	}
223
224		void seed_src_unlock(ossl_unused void *vctx)
225	86	{
226	86	}
227
228		const OSSL_DISPATCH ossl_seed_src_functions[] = {
229		{ OSSL_FUNC_RAND_NEWCTX, (void(*)(void))seed_src_new },
230		{ OSSL_FUNC_RAND_FREECTX, (void(*)(void))seed_src_free },
231		{ OSSL_FUNC_RAND_INSTANTIATE,
232		(void(*)(void))seed_src_instantiate },
233		{ OSSL_FUNC_RAND_UNINSTANTIATE,
234		(void(*)(void))seed_src_uninstantiate },
235		{ OSSL_FUNC_RAND_GENERATE, (void(*)(void))seed_src_generate },
236		{ OSSL_FUNC_RAND_RESEED, (void(*)(void))seed_src_reseed },
237		{ OSSL_FUNC_RAND_ENABLE_LOCKING, (void(*)(void))seed_src_enable_locking },
238		{ OSSL_FUNC_RAND_LOCK, (void(*)(void))seed_src_lock },
239		{ OSSL_FUNC_RAND_UNLOCK, (void(*)(void))seed_src_unlock },
240		{ OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS,
241		(void(*)(void))seed_src_gettable_ctx_params },
242		{ OSSL_FUNC_RAND_GET_CTX_PARAMS, (void(*)(void))seed_src_get_ctx_params },
243		{ OSSL_FUNC_RAND_VERIFY_ZEROIZATION,
244		(void(*)(void))seed_src_verify_zeroization },
245		{ OSSL_FUNC_RAND_GET_SEED, (void(*)(void))seed_get_seed },
246		{ OSSL_FUNC_RAND_CLEAR_SEED, (void(*)(void))seed_clear_seed },
247		OSSL_DISPATCH_END
248		};